Re: Wi[r]eless security (was: Suspend bug)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> Message: 6
> From: "David G. Miller" <dave@xxxxxxxxxxxxx>
> One reason I ended up running network cable to most of the rooms of our 
> house was the trouble I had trying to get a friend's laptop to connect 
> to my AP (it's also nice to have a gigabit LAN through the house).  If I 
> have trouble getting a system to connect and I have full access and know 
> "everything", it should at least be fairly difficult for someone who 
> doesn't have such access and knowledge.
> 
> I run WEP (will probably go to WPA when I find time to diddle with 
> setting it up), filter MACs and don't broadcast ESSID.  I know that 
> theoretically this set up isn't absolutely secure but I'm guessing I've 
> raised the bar high enough that I'll keep the script kiddies, access 
> scofflaws and all but the really serious crackers out.  Also, a quick 
> scan of the APs in the neighborhood indicates there are several that are 
> much easier to crack (or just use).
> 
> Cheers,
> Dave

Not long ago, I shared similar view-- for home use, minimal security should be 
"Good enough".

Two things changed my mind:

First, I was doing research for a paper on the current state of wireless security and
was shocked at how many security flaws existed in the early wireless protocols. 
For example, I can determine your WEP key and SSID by passively listening to your network.
This can be done with freely downloaded code.  Changing one's MAC address (to match 
your filters) has been available for years and doesn't require any additional software.

Second, we were talking about this topic and one of my friends told me his neighbor had
been named in a lawsuit over theft of digital music (Sony was suing him). Turns out that
the neighbor hadn't done anything illegal, but someone had been using (stealing) his 
home WiFi network to download music.... took him a while (and $$$) to prove he was innocent.

Do a Google search on "War driving"-- it's becoming a popular hobby...

--- Cris

-- 
 Cristopher J. Rhea                     Mayo Foundation
 Research Computing Facility             Pavilion 2-25
 crhea@xxxxxxxx                        Rochester, MN 55905
 (507) 284-0587                        Fax: (507) 284-5231

[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux